添加链接 注册    登录
link之家
链接快照平台
  • 输入网页链接,自动生成快照
  • 标签化管理网页链接
相关文章推荐
腼腆的沙发  ·  A guide to compile ...·  3 月前    · 
风流倜傥的烈酒  ·  Android : comment ...·  1 年前    · 
不羁的上铺  ·  在.NET中,如何使用HttpClient启 ...·  1 年前    · 
大方的打火机  ·  I am getting issues ...·  2 年前    · 
腹黑的铅笔  ·  dart:convert library ...·  2 年前    · 
link之家  ›  應用於網路入侵系統之高效能電路可程式化系統晶片設計 = A High Performance Circuit Design Applied to Network Intrusion Detection
https://www.airitilibrary.com/Article/Detail/U0021-2004200718453285
成熟的柠檬
3 月前

此論文提出了用硬體來實現網路入侵偵測系統的電路設計,主要的概念是採用shift-or algorithm,並只使用到shift register, OR gates 和 ROM。 整個電路架構可以把ROM去除來稍作改良。此論文提出的硬體電路已經被驗證模擬及合成於Altera Stratix FPGA。實驗結果顯示出一次處理兩個characters的時候,throughput可到達6.75 Gbits/sec,硬體資源花費0.7 LE/chars。當電路一次處理四個characters的時候,throughput可達到9.2 Gbits/sec,硬體資源花費2.75 LE/chars。跟現有文獻來探討,我們提出的硬體電路可達到較高的throughput跟比較少的硬體資源。

This thesis introduces a novel FPGA based signature match co-processor that can serve as the core of a hardware-based network intrusion detection system (NIDS). The central idea of the signature match coprocessor is an architecture based on the shift-or algorithm, which utilizes simple shift registers, OR gates, and ROMs where patterns are stored. Moreover, the architecture can be improved further by the removal of the ROM. The proposed architecture has been prototyped, simulated and synthesized by the Altera Stratix FPGA. Experimental results reveal that the circuit with processing two characters at a time attains the throughput up to 6.75 Gbits/sec with area cost of 0.7 logic elements (LEs) per character. The circuit with processing four input characters at a time achieves the throughput up to 9.2 Gbits/sec with area cost of 2.75 LE per character. As compared with related works, experimental results show that the proposed architecture achieves higher throughput and less hardware resource in the FPGA implementations of NIDS.

[3] R. Baeza-Tates & G.H. Gonnet. (1992). “A new approach to text searching.”Communications of the ACM, 35, 74–82.
  • Google Scholar
    • [4] Z.K. Baker & V.K. Prasanna. (2005). “High-throughput Linked-Pattern Matching for Intrusion Detection Systems.” In Proceedings of the 2005 symposium on Architecture for networking and communications systems, 193–202.
  • Google Scholar
    • [5] C. Clark & D. Schimmel. (2004). “Scalable multi-pattern matching on high-speed networks.” In Proceedings of the IEEE Symposium on Field-Programmable Custom Computing Machines, 249–257.
  • Google Scholar
    • [6] Y. H. Cho & W. H. Mangione-Smith. (2004). “Deep packet filter with dedicated logic and read only memories.” In Proceedings of the IEEE Symposium on Field- Programmable Custom Computing Machines, 125–134.
  • Google Scholar
    • [7] B. L. Hutchings, R. Franklin & D. Carver. (2002). “Assisting network intrusion detection with reconfigurable hardware.” Proceedings of the IEEE
  • Google Scholar
    • 施映男(2006)。 超越10Gbps之超高速特徵比對電路設計及其在網路入侵偵測系統之應用 〔碩士論文,國立臺灣師範大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0021-0712200716111540
  • Airiti Library
  • Google Scholar
    • 賴正岳(2007)。 以Microblaze處理器為基礎的網路入侵偵測系統之FPGA硬體電路實現 〔碩士論文,國立臺灣師範大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0021-2910200810562062
  • Airiti Library
  • Google Scholar
    •  
    推荐文章
    腼腆的沙发  ·  A guide to compile QGC Android - QGroundControl - Discussion Forum for PX4, Pixhawk, QGroundControl,
    3 月前
    风流倜傥的烈酒  ·  Android : comment résoudre l'exception Cleartext HTTP traffic to * not permitted ?
    1 年前
    不羁的上铺  ·  在.NET中,如何使用HttpClient启用与Cloudflare的403状态码和“请启用cookies。”一起工作的cookies?
    1 年前
    大方的打火机  ·  I am getting issues with starting Kali Linux VM in Virtual Box - Linux, macOS and Everything Not-Windows - Linus Tech Tips
    2 年前
    腹黑的铅笔  ·  dart:convert library - Dart API
    2 年前
    今天看啥   ·   Py中国   ·   codingpro   ·   小百科   ·   link之家   ·   卧龙AI搜索
    删除内容请联系邮箱 2879853325@qq.com
    link之家 - 链接快照平台
    © 2024 ~ 沪ICP备11025650号